Cobbler + puppet or Ubuntu 12.04 network installation

Introduction

Sooner or later, every serious company has to think about the legalization of its IT infrastructure. Take the medium-sized company N. Central office, 30 small branches. Everywhere there are workstations under Windows, mainly XP. On more recent machines, laptops, there are windows 7 and 8, on servers 2k3, 2k8, ubuntu-server.
The company is expanding not too fast, and the small IT department manages to roll out new machines from the previously created images of Acronis. But in order to reduce costs / legalize infrastructure / clean conscience, a decision is made to switch to opensource. There is a different scale of the tragedy, to reinstall many workstations with your hands - a long and ungrateful process. Under the cut - one of the solutions to this problem.

1. Tools and installation of the required packages.

It was decided to install Ubuntu 12.04.3 LTS using PXE. Cobbler and puppet were chosen as implementation tools.
obbler is a network installation server for Linux, which provides fast building of the necessary deployment environment and managing the OS installation process on new computers or virtual machines (Xen, qemu, KVM or VMware Server), and subsequent reinstallation of systems.
Cobbler is written in Python and is a bundle for some PXE, TFTP, DHCP, and other standard components for such cases.

Install the packages we need:

sudo apt-get install cobbler cobbler-common cobbler-web dhcp3-server xinetd tftpd tftp debmirror 

By default, we will get cobbler version 2.2.3, which is not very good. Why - find out further.
')
Then check if our cobbler is happy with everything:

 sudo cobbler check 

What should be seen in response:

 No configuration problems found. All systems go. 

Sync configuration:

 sudo cobbler sync 

Now the cobbler is ready for further customization.

2. Configure Cobbler

Change the cobbler configuration by specifying the network settings of the server on which it is installed:

 sudo dpkg-reconfigure cobbler 

We specify the server address on the network, the password for the cobbler web interface.
Configure the cobbler to use DHCP:

 sudo nano /etc/cobbler/settings 

change

 manage_dhcp: 0 

on

 manage_dhcp: 1 

Reboot and sync the cobbler configuration:

 sudo service cobbler restart sudo cobbler sync 

Let's change the DHCP template that cobbler will transmit to the isc-dhcp-server:

 sudo nano /etc/cobbler/dhcp.template 

We lead to the form:

 subnet 192.168.1.0 netmask 255.255.255.0 { # option routers 192.168.1.254; #  option domain-name-servers 192.168.1.254; # DNS  option subnet-mask 255.255.255.0; # range dynamic-bootp 192.168.1.10 192.168.1.20; #  IP 

And reboot the cobbler again:

 sudo service cobbler restart sudo cobbler sync 

Now cobbler is ready to import your ISO file, but here, as promised, I will explain the situation with some nuances of cobbler 2.2.3.

Actually, the nuances.

The first rake, which drove my bike, was the fact that I could not import the image of the desktop version. After importing to cobbler, it was not visible in the list of possible distributions for installation. After the forums of our overseas friends google - it turned out that you need to use alternate, server, mini versions of Ubuntu distributors, the desktop cobbler simply does not see (although there are some workaround, but it was easier for me to download alternate). Also, a feature of version 2.2.3 is that it does not create a local distribution from your image, only the kernel loads during installation, all other packages are downloaded from repositories on the Internet. At least so it was with the image of lubuntu-12.04-alternate-i386. In version 2.4, a local distribution is created, and the packages are installed directly from your ISO image.

Continue
Let's mount our image and import it into the cobbler distribution list:

 sudo mount -o loop lubuntu1203.iso /mnt sudo cobbler import --name=lubuntu-12-4 --path=/mnt --breed=ubuntu 

The cobbler-web package was not in vain. We can access its web-interface at the following address: 192.168.1.2/cobbler_web

Here you can set up a lot of useful things, add your distributions, packages, repositories, profiles, and more. Our task is to customize the profile we imported. Go to Profiles, where we see lubuntu-12-4, click Edit. Here our task is to add kickstart

Already at the last stage, when installing Ubuntu on a client machine, I came across the error “Bad Archive Mirror”.
Solved by copying and renaming the kickstart file

 /var/lib/cobbler/kickstarts/ubuntu-server.preseed 

at

 /etc/cobbler/precise.ubuntu.alternate.lan.preseed 

In our profile, we will write the path to the kickstart in the appropriate place:

3. Puppet

The puppet was given the function of fine-tuning the machines. In the example I reviewed, the presence of some packages on the client machine, and their installation, in case of absence, will be checked.
Install puppet on the server:

 sudo apt-get install puppetmaster 

And on the client:

 sudo apt-get install puppet 

For convenience, by the way, in / etc / cobbler / settings there is a puppet_auto_setup parameter that puts the puppet automatically, but requires you to have a local copy of EPEL on your server. Either I do not fully understand, or the idea is really stupid, but everything can be implemented through the post-install script in the cobbler itself is much easier.
It is assumed that the machines get their names from DNS, otherwise, you will have to configure the hosts files on the client and the puppet server, respectively.

 192.168.0.1 puppetmaster.example.com puppetmaster puppet 192.168.0.10 puppetclient.example puppetclient 

Create a manifest /etc/puppet/manifests/site.pp with the following content (the packages are chosen for an example, for detailed configuration of puppet, refer to its documentation):

 $base_packages = [ “gnome”, “mc”, “openssh-server”, “vim” ] package { $base_packages: ensure => installed } 

The final step for this simple Puppet server is to restart the service:

 sudo /etc/init.d/puppetmaster restart 

Now we can request a certificate from the client:

 puppet agent --server puppetmaster --waitforcert 60 --test info: Creating a new SSL certificate request for puppetclient 

View the certificate signing request on the server:

 puppet cert --list 

Now we have to see the request from the client, we will sign:

 puppet cert --sign puppetclient 

At the first attempt to connect to the server, the puppet generated an error that the server name in the certificate does not match the name to which the request was /etc/puppet/puppet.conf , you need to edit /etc/puppet/puppet.conf

 [master] certname=puppetmaster 

That's all, the client machine will install the packages specified in the manifest.

Conclusion

This process may differ slightly on different distributions. You may need to create the missing folder, which will be explicitly written in the console. It was also not possible to overcome the hangup at the beginning of the installation, for about 15 minutes, it may seem that the machine just hung. As far as I was able to learn, deduplicate is running. Too often found bug described in bug trackers. Why, why - maybe someone will tell exactly here. Criticism, advice, corrections - are welcome.